[Cryptography] Vulnerability of RSA vs. DLP to single-bit faults

Florian Weimer fw at deneb.enyo.de
Thu Sep 3 13:51:04 EDT 2015

* Ralf Senderek:

> The worrying part of the talk at CCC is that it's possible to "exfiltrate"

I found the format somewhat difficult to digest.  Is there are more
accessible version?  I wonder if they used specifically hardened
devices, or just the regular CPU versions.

> a RSA secret key from a chip with only pouring some chemicals and poking
> around with a flash light (and one single computation).

I'm not sure if that's worrying.  I don't think a general-purpose
computing device I own should have private keys I cannot access or
read in the first place.

More information about the cryptography mailing list